Resource Computer Solutions
Remote Support
Resource Computer Solutions
Join Us Today!

Engineering Your Security | Part 4 | Piggybacking

RCS Piggybacking Blog Pic

What most individuals know about Social Engineering is either what they have experienced through emails phishing attempts, or baiting through phone calls. Is there any other method that hackers use to steal your information though? Unfortunately the answer is yes. Cybercriminals are not just limited to sending emails and making phone calls to your company! Many hackers still use in person tactics which are referred to as Piggybacking.

What is Piggybacking?
This form of Social Engineering is done with the hacker physically approaching an employee or entering your company’s building to retrieve important private information. Hacker’s will wait for an opportune time to enter a restricted area by following an employee in or convincing the employee to allow them access. They often accomplish this by waiting outside of the area they wish to access claiming that they have forgotten their key or security pass and then ask an employee to hold open the door for them so that they can enter without suspicion. If they wish to enter a building in general, a hacker may pose as a delivery driver carrying a large box and ask for assistance from an employee passing by to hold the door open for them. By relying on the kindness and trust of others cybercriminals are then able to enter buildings and secured rooms in order to find private information or even use a flash drive to upload a virus to wreck havoc on your company!

What can you do?
It is important to always ask for identification when either allowing someone into the building or before granting them access to a specific room. What if they claim they lost or forgot their form of identification that would have let them in? Unless you either know the individual personally, or can contact a supervisor or fellow coworker you know that can confirm their identification it is best to not grant them access. What if they just forgot their cellphone or a folder and wanted to retrieve it? If that is the case then you can have them wait outside the room and retrieve it for them. It is always best to be cautious in these types of situations and to be on the safe side in order to keep your data secure.

Whether it’s through email, over the phone, or even in person Social Engineering tactics can be avoided and prevented with the right tools and help. Our certified technicians here at RCS and our partners like Sophos and Datto are here to make sure that you and your business have a disaster recovery and prevention plan that’s best suited to your specific needs. If you have any questions or would like a consultation on how to get started on your disaster prevention plan then give RCS a call today at 909 • 949 •9159.


By Resource Computer Solutions